DDoS attack that downed Twitter also hit Facebook

Computerworld - The same denial-of-service attack that took down Twitter this morning also slammed Facebook but with much less dramatic results.

Facebook noted on its site this afternoon that it too was fending off a distributed denial-of-service attack that was slowing its site. Unlike Twitter, which was down for two hours this morning, Facebook remained online.

"You may have had trouble accessing Facebook earlier today because of network issues related to an apparent distributed denial-of-service attack," the company wrote. "We have restored full access for most people. We'll keep monitoring the situation to make sure you have the reliable experience you expect from us."

Web site performance monitor AlertSite reported that Twitter's site wasn't back 100% until 2 p.m. EDT. AlertSite also noted that Facebook appeared to suffer little more than a few sporadic errors. Facebook's availability was at 97% at 10 a.m. when the attack was underway, and it was up to 100% availability soon after that.

While there's little more than online chatter and guesswork about the origins of the attacks, security analysts say the incident raises red flags that two giant Internet companies, like Twitter and Facebook would be hit in the same assault.

Randy Abrams, director of technical education at ESET, an IT security company based in Bratislava, Slovakia, said his best guess is that a major botnet herder was offering a demonstration of the power of his botnet to a potential client with a major target in mind.

"They could have been saying, 'Look what I can do to Twitter. I think my botnet can handle whatever you want it to do,'" said Abrams. "I'd put my money on this being a demonstration, a show of force, by someone looking to hire out their botnet."

Graham Cluley, senior technology consultant for Sophos, told Computerworld that whoever launched the attacks should beware the clout of those he's going after.

"Anything is possible, and we could make guesses like this until the cows come home ... We simply don't have enough information yet to be certain as to what the motivation was," he said. "One thing is certain -- if they did do this as a demonstration of how powerful their botnet is, they've just made themselves some new and angry enemies in the shape of some major Web 2.0 companies. I wouldn't be surprised if the computer crime authorities put some serious effort into trying to track down whoever was responsible. After all, if they can bring down social networking sites they can bring down banking sites."

Cluley also said it's not yet clear why Facebook faired so much better than Twitter. It could have been that the bulk of the assault was aimed at Twitter or that their defenses simply weren't as tough.

The attack against Twitter brought the site down between 9 a.m. and 11 a.m. EDT this morning. This afternoon, the microblogging site was still struggling with slowdowns and interruptions caused by the assault.

"As we recover, users will experience some longer load times and slowness," Twitter reported in its status update at 12:46 p.m. EDT. "This includes timeouts to API clients. We're working to get back to 100% as quickly as we can." The company had not posted another update by 3:30 p.m.

Oddly enough, even though the attack hit both Twitter and Facebook, while Twitter was down, frustrated users vented on Facebook. One Facebook user noted, "Suffering tweet withdrawal."

Read more about spam, malware and vulnerabilities in Computerworld's Spam, Malware and Vulnerabilities Knowledge Center.